Thanks.

But is this for both egress and ingress?
And I think the command refers to a prosentage of the interface speed.
If it is a gigabit interface srr-queue bandwidth limit 30 will give 300Mbps?

Do not know if it refers to potential, or actual speed of interface, as in what happends if you have 100Mbps clients connected to a gigabit interface on switch, still 300Mbps, or 30Mbps??

Hello,

I am sorry. I copied and pasted your interface and did not notice it is Gig interface. The number is percentage. It is for (edited) just egress. It just idles your interfece for 70 percent of time if you set it 30. I used them on fastethernet interfaces and the result was satisfyning.

I have not tried them on Gig interfaces. Please try them and give me your feedback.

Masoud

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Have you tested bandwidth limit for ingress, as the manual seems to imply it's just for output?

srr-queue bandwidth limit

Thanks Joseph for mentioning that. I checked the command and noticed it is only for egress traffic. As for Gig interface, you can change the interface speed to achieve the desired bandwidth.

Respect,

Masoud

Hello,

I look into that command with more detail. Srr-queue bandwidth is for both egress and ingress; however, srr-queue bandwidth limit is only for egress. In order to limit ingress, you need to use police. You can use police for both, but police kills the traffic by tail dropping.

When you set the speed of interface 100M, 50 percent of 100M will be counted by SRR which is 50M.

This is the config for interface Ge 1/0/5. Repeat the config for other interface with the same rule.

mls qos
policy-map rate-50M
class class-default
police 50000000 bc 8000 exceed-action drop

int fa Ge 1/0/5

speed 100
srr-queue bandwidth limit 50 (egress)
service-policy input rate-50M (ingress)

Masoud

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Masoud is nicely showing what my other post's PS was referring.

In order to limit ingress, you need to use police. You can use police for both, but police kills the traffic by tail dropping.

I'm not sure you can police, per port, egress on a 3750.

Masoud's statement, that policing kills traffic by tail dropping (as do shapers or interface queues will do), I don't believe to be fully accurate.  Masoud might be referring to policing often is more adverse to traffic than a shaper or interface queuing.

The big differences with a policer, unlike a shaper or interface queue, they don't queue packets, they drop packets that exceed some count of bandwidth usage during some time interval.  As they don't queue, they often will drop packets that an interface queue or shaper would not.  However, similar to how a queue's impact to dropping might be adjusted by how large a queue it supports, policing's impact can be adjusted by how large a time interval it measures bandwidth against.

This Cisco whitepaper compares policing vs. shaping: http://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html

One last item to know, Cisco documents the srr-queue bandwidth limit command as being inexact.

Usage Guidelines

If you configure this command to 80 percent, the port is idle 20 percent of the time. The line rate drops to 80 percent of the connected speed. These values are not exact because the hardware adjusts the line rate in increments of six.

So, although in theory what Masoud is showing is correct, in practice, if you really must not exceed some bandwidth rate, you may need to set the limit "slower" than you really desire.